Scareware mongers cough up $8m to settle fraud charges

Federal authorities will collect $8 million from members of a scareware operation that duped more than a million people into installing bogus security software on their computers.

Marc D'Souza and his father, Maurice D'Souza, agreed to pay $8.2 million in “ill-gotten gains” generated by the scam, which pimped software titles such as Winfixer, Drive Cleaner, and Antivirus XP. The operation worked by plastering legitimate websites with ads that were manipulated to look like antivirus scans that inevitably found infections that could only be fixed with packages that ranged from $40 to $60 in price.

The US Federal Trade Commission – which in 2008 brought fraud charges against Innovative Marketing, ByteHosting Internet Services, and several individuals – alleged the operation went to great lengths to trick some of the world's more popular websites into carrying the deceptive ads. When one site rejected the ads, the defendants formed sham advertising agencies that placed the malicious ads themselves.

The FTC has come under criticism in the past for delivering mild wrist slaps to internet-based fraudsters who are blatantly breaking the law. The case against Innovative Marketing and ByteHost shows the agency's better side. Government prosecutors doggedly pursued the defendants, some based overseas, after they failed to appear at court hearings and flouted a judge's order that they shut down their operation.

In 2009, defendant James Reno agreed to pay a reduced penalty of $116,000 and promised to get out of the scareware business for good. The FTC has already obtained default judgements against three other defendants. The case continues against the sole remaining defendant in the case, Kristy Ross.